Metasploit framwork is one of the most used framework used for penetration testing. With over 1500+ modules it is the first choice of every pentester.

1. -Deepanshu
d78ui98
GETTING STARTED
WITH
METASPLOIT FRAMEWORK

2. OUR AGENDA
What is metasploit?
Its history
Basic terminologies
Architecture of metasploit
Modules
Few demos
Conclusion

3. WHAT IS METASPLOIT FRAMEWORK?

4. METASPLOIT FRAMEWORK
• Its an open source exploitation
framework.
• It is not just a single tool but collection of
several.
• Used mostly for Penetration Testing,
Research, Creating and Testing new
exploits.
• It provides infrastructure to automate
mundane and complex tasks.

5. LIL BIT HISTORY
 Created by HD Moore in 2003 in perl
 Follow up project came in 2004 Metasploit 2.0
 Metasploit 3.0 released in 2007
 In 2009 Metasploit was acquired by Rapid 7
 Then Metasploit pro and Metasploit Express were
devloped

6. BASIC
TERMINOLOGIES
#Vulnerability
Weakness in a system, a
bug which is to be
exploited

7. #Exploit
• Basically a piece of
code to take
advantage of a
Vulnerability

8. #PAYLOAD
• Another piece of code
that is executed
through given exploit.
• lets us control a
computer system after
it’s been exploited

9. ARCHITECTURE OF
METASPLOIT
• It is kind of Important to understand the
basic structure of metasploit how is it
designed. We should not directly start with
the exploiting targets.

11. MODULES
Exploits
Payloads
Encoders
Nops
Auxiliary

12. #ENCODERS
• Encoders are used to evade the anti- virus
Softwares and firewall
• However it has no effect on the functionality of
out exploit
• Popular encoders are –
1. shikata_ga_nai
2. base64
3. powershell_base64

13. #NOPS
• NOP is short for No OPeration
• NOPs keep the payload sizes consistent ensuring
that validly executable by the processor..
Basically makes payload stable

14. #AUXILIARY
• Provides additional
functionality like
scanning, fuzzing,
Information gathering

15. #PAYLOADS
 Singles
Usually standalone. Fire and forget type.
 Stagers
Payload is divided into stages.
 Stages
Components of stager module.

16. • In case of bind tcp an exploit opens a
vulnerable port in victim machine. And then it
waits for connection from attacker
BIND TCP SHELL

17. • In case of bind reverse tcp the target machine
communicate back to attacker machine. Attacker
machine has listening port open on which it
receives connection.
BIND REVERSE TCP

18. NOW WE KNOW
ENOUGH THEORY
TO TRY OUT
METASPLOIT FRAMEWORK

19. 3 INITIAL STEPS
1. Start the postgresql service
2. Then make sure that msf database is running
3. Launch the metasploit framework by typing in
msfconsole

21. SOME COMMANDS
 Show exploits
 Search
 Show info
 Show options
 Set

22.  Rhost
 Lhost
 Exploit or run
 Show advanced
 Back

23. DEMO 1
Using tcp scanner auxiliary

24. LETS START EXPLOITING

25. DEMO 2
Getting shell on Metasploitable VM

26. A SIMPLE COMMAND SHELL FROM ATTACKER TO VICTIM

27. #MSFVENOM
• It is a standalone payload generator and
encoder
• Msfvenom replaced msfpayload and
msfencoder in 2015.
• It allows use to create playloads in c, exe,
python, java formats.
• Basically allow us to create mallicious files.

28. MSFVENOM STEPS
• Create a malicious file.
• Start the payload handler.
• Get victim to run the malicious file.

29. DEMO 3
Meterpreter shell on windows 7
machine via msfvenom

30. ARMITAGE
Armitage is an attack manager tool that
automates Metasploit in a graphical way.
Created by Raphael Mudge
Written in java

31. THIS IS HOW IT LOOKS LIKE

32. THIS IS HOW IT CAN LOOK LIKE AFTER ATTACK

33. DEMO 4
Internet explorer css exploit to
get meterpreter shell

35. PIVOTING
• Pivoting is a technique that allows
attackers to use a compromised system to
attack other machines in the same
network
• Basically hack another machine through
already compromised machine

36. DEMO 5
Pivoting an actual target

37. WAYS TO PREVENT THESE
ATTACKS
Don’t download files from unknown
sources.
Always run the latest version of software or
Operating system.
Don’t click on Random links on the internet.
Lastly, Be smart don’t get social engineered
by someone.

38. CONSLUSION
These were some of the basic metasploit
attacks.
The point was not only to teach you that
something like happens but also about
how to prevent it.

39. Go ahead. Ask away
QUESTIONS
AND
ANSWERS

40. Hope you all had same amount of fun as I had while making this
presentation
THANK
YOU
FOR JOINING

41. SRC
• https://github.com/rapid7/metasploit-framework/wiki
• https://www.offensive-security.com/metasploit-unleashed/
• https://www.slideshare.net/nullhyd/metasploit-42992322
• https://www.corelan.be/
• https://www.phillips321.co.uk/
• https://pentestn00b.wordpress.com/
• https://community.rapid7.com/community/metasploit
• http://www.hackingtutorials.org/metasploit-tutorials/
• http://metasploited.blogspot.in/2012/01/metasploit-tutorial-basics.html
• https://www.kali.org/
• https://developer.microsoft.com/en-us/microsoft-edge

42. IGNORE THE LAST SLIDE
• REX-- Handles almost all core functions such as setting up sockets, connections,
formatting, and all other raw functions MSF CORE-- Provides the basic API and the actual
core that describes the framework MSF BASE-- Provides friendly API support to modules
• run event_manger –c
• Pivoting refers to accessing the restricted system from the attacker's system through the
compromised system
• netstat -anp|grep "port_number"
•